How to fix information security of your organisation in 10 easy steps

Cyber Security animation

The consequences of a ransomware attack can be catastrophic. The security of your IT is vital but it is easy to fall into a “secure enough” mindset.

This mindset provides hackers an opportunity. To put it simply: there is no such thing as “that’ll do” with security. Information security is a complex topic. For now, here is our free, quick starter guide that you can implement right away. You can download a printable, full version below.

Padlock pictogram

Set up strong passwords

This is simple: start by changing your passwords. The longer your password is, the harder it is to crack. Use modern browsers and password manager plugins to generate secure passwords for you. They are significantly stronger than the password options you may have made up yourself.

Computer and phone

Activate two factor authentication

Two Factor Authentication (2FA) adds another security layer to any of your login processes. This significantly reduces the chances of your account getting hacked.

Once you enable 2FA, it is not sufficient for a hacker to know your password. Especially as the second layer usually is time-sensitive. This makes your online accounts a lot more secure.

Social media icons

Check your social networks

Minimise the personal information seen on your various socials. Facebook, Twitter, LinkedIn, Xing, etc. can provide useful information that an interested attacker can use to hack you. Many users conveniently but insecurely use a memorable 6 digit PIN – a birth date for example – to unlock their phone. If this information is listed online, your PIN is too.

Computer and persona icon

Remove personal information from your online & offline presence

Avoid releasing personally identifiable information wherever possible – not only from social media. Get used to keeping personal information out of text messages, emails, and published content. If you need to send personally identifiable information, use a more secure method to do so, such as a secure dropbox or encrypted messenger tools.

Comupter updated

Update your system and software regularly

Some bugs in the software or system you use can be so serious, or so easy to exploit, that hackers can perform random attacks rather than targeted ones. That means that even a relatively minor vulnerability can become critical when combined with others. Apply software updates religiously!

Computer protected

Use anti-virus software

Anti-virus and anti-malware software protect you by mitigating known risks, using signatures of existing viruses, and real-time system security scanning.

We recommend free anti-virus tools including AVG Free, Avast Free or Avira Antivir. Windows 10+ users can use Microsoft’s built-in anti-virus software, Windows Defender.

Hands and shield

Secure your online activities

To reduce your tracks online, we recommend using an ad blocker (e.g. uBlock Origin or AdGuard). We also recommend declining any GDPR data collection when websites pop up a request for permission to track you.

Keep track of your files, who can access them and how – especially if they contain personal information. Use a VPN to provide encypted privacy and anonymity when using a public network.

Usb stick

Be careful with the hardware you use

Harmful software (malware) also can enter your system through hardware you connect to it: e.g. external storage such as USB sticks. To limit your risks, you can scan USB sticks and disks before use with common anti-virus software.

Hard drive

Create physical backups

It’s not sufficient to rely on the security of cloud storage. Cloud services are vulnerable and are a regular target for hackers since one flaw can provide access to many users’ data. Even if it’s encrypted, that encryption may be broken in the future. Hackers could delete or ransom cloud data, too. To be safe, you need to back up your data properly and repeatedly.

Computer and education

Onboard your team

Train employees (and yourself) to consistently follow these practices. A security system is only as good as its weakest link. Some of these steps take time to implement, so allow time for your team to perform and adapt to these changes.

We offer tailored workshops and individual training on information security and how to apply best practices within your organisation.
Book a quick discovery session. Free of charge, full of value.

Photo Simon Stegemann

Simon Stegemann
Co-Founder & CEO